Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MarkText WSH JScript code injection
Vulnerability Description
A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221737 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
MarkText 代码注入漏洞
Vulnerability Description
MarkText是一个简单而优雅的开源 Markdown 编辑器,专注于速度和可用性。 MarkText 0.17.1版本及之前版本存在代码注入漏洞。攻击者利用该漏洞可以注入任意代码。
CVSS Information
N/A
Vulnerability Type
N/A